ABSTRACT

The multi-server, location-independent authentication certificate management system overcomes the limitations of the existing systems by automating the authentication certificate request, grant and installation processes. Much of the data used to create the authentication certificate request is readily available information, such as: requestor identification, Internet locus, date, time. The authentication certificate management system populates the certificate request with the available data and then prompts the user to provide the additional data in a simple manner, verifying the form and format of the input data. This automation of the authentication certificate request generation minimizes the number of malformed authentication certificate requests. In addition, the authentication certificate management system is capable of being installed on a shared basis, wherein multiple servers and/or multiple services are provided with the authentication certificate from a centralized source. The authentication certificate management system automatically tracks the expiration date of the authentication certificate and also ensures the secure storage of the RSA encryption cryptographic key pair as well as the authentication certificate itself.

38 Claims, 5 Drawing Sheets 
MULTI-SERVER LOCATION-INDEPENDENT AUTHENTICATION CERTIFICATE MANAGEMENT SYSTEM

FIELD OF THE INVENTION

This invention relates to the authentication of parties on a data communication system and, in particular, to the use of a third-party authentication certificate authority in Internet client-server applications, which third-party authentication certificate authority functions to issue authentication certificates to servers and, in some cases, clients to validate the identity of the parties who are participating in a data exchange via the Internet.

PROBLEM

It is a problem to authenticate the identity of parties who are participating in a data exchange on a data communication system, such as the Internet. This is typically accomplished by the use of a third-party authenticating authority, which is termed the authentication certificate granting authority. This issue is especially pertinent to the use of the Internet, where a plethora of parties have access to the medium and security is rudimentary.

The use of an authentication certificate granting authority in Internet client-server applications relates to the authentication of the identity of the parties who are participating in a data exchange via the Internet. In particular, the authentication certificate granting authority represents an independent third-party entity which functions to issue authentication certificates to servers and, in some cases, clients. The authentication certificates include the use of a private-public RSA encryption key pair and requester distinguishing information to ensure the accurate identification of the requester. The requestor generates the private-public RSA encryption key pair, requestor distinguishing information and transmits this data to the authentication certificate granting authority with a request for an authentication certificate. The authentication certificate granting authority reviews the received data, verifies the identity of the requestor and then transmits the issued (signed) authentication certificate back to the requesting party in encrypted form for installation on the requestor's server. Any client who contacts the requester can access the authentication certificate via the public RSA encryption key and receive an assurance that the party to whom they have connected is indeed the desired party, not a bogus imitator. Likewise, the client can have an authentication certificate capability so that the server can verify the identity of the client for credit/subscription verification.

Unfortunately, the authentication certificate request, issuance and use processes are presently manually executed by the users. As a result, there is a high percentage of errors and mis-installation of authentication certificates on the requestor's server. The authentication certificate process is therefore burdensome, costly and typically mismanaged. The integrity of the authentication certificate process is therefore compromised. In addition, there is presently no capability to manage authentication certificates for multiple server/multiple service installations, where the multiple services are provided and/or the services are provided by a distributed set of servers.

SOLUTION

The multi-server, location-independent authentication certificate management system overcomes the limitations of the existing systems by automating the authentication certificate request, grant and installation processes. Much of the data used to create the authentication certificate request is readily available information, such as: requestor identification, Internet locus, date, time. The authentication certificate management system populates the authentication certificate request with the available data and then prompts the user to provide the additional data in a simple manner, verifying the form and format of the input data. This automation of the authentication certificate request generation minimizes the number of malformed authentication certificate requests. Once the authentication certificate request is completed, it is transmitted to the authentication certificate granting authority for processing.

When the authentication certificate is granted, it is returned to the requesting server and stored therein for use by the requesting party. The authentication certificate management tool is capable of being installed on a shared basis, wherein multiple servers and/or multiple services are provided with the authentication certificate from a centralized source. Thus, receipt of the authentication certificate can be shared among a plurality of users. The authentication certificate management system also automatically tracks the expiration date of the authentication certificate and also ensures the secure storage of the RSA encryption key pair as well as the authentication certificate itself.

The authentication certificate management system therefore automates the certification process, from the generation of the authentication certificate request to the management of the received authentication certificate. This automation enables the user to avoid the difficulties associated with the manual creation of a request and the associated overhead of processing both the request and the authentication certificate receipt.

SUMMARY OF THE INVENTION

The multi-server, location-independent authentication certificate management system K automates the authentication certificate request, grant and installation process by populating the authentication certificate request with available data and then prompting the user to provide the additional data in a simple manner, verifying the form and format of the input data. This automation of the authentication certificate request generation minimizes the number of malformed authentication certificate requests.

BRIEF DESCRIPTION OF THE DRAWING 

FIG. 1 illustrates in block diagram form the overall 
architecture of the authentication certificate management 
system of the present invention and an environment in which 
it operates; 

FIG. 2 illustrates additional details of the authentication 
certificate management system of the present invention; 

FIG. 3 illustrates in flow diagram form the operational 
steps taken by the authentication certificate management 
system of the present invention to generate and deliver an 
authentication certificate; 

FIG. 4 illustrates in block diagram form the flow of 
information among the various elements which comprise the 
authentication certificate management system of the present 
invention and an environment in which it operates for the 
authentication certificate request generation process; and 

FIG. 5 illustrates in block diagram form the flow of 
information among the various elements which comprise the 
authentication certificate management system of the present 
invention and an environment in which it operates for the 
process which installs the signed authentication certificate. 
DETAILED DESCRIPTION

FIG. 1 illustrates in block diagram form the overall architecture of the authentication certificate management system of the present invention and an environment in which it operates, while FIG. 3 illustrates in flow diagram form the operational steps taken by the authentication certificate management system of the present invention to generate and deliver an authentication certificate. In particular, data communication networks are in common use today, and a popular publicly available network is the Internet. The Internet functions to interconnect a large plurality of parties via a data communication medium, which is typically the public switched telecommunication network. Each party either individually connects to the Internet via a modem and a dialed up connection, using the existing telecommunication subscriber loop, or via a shared processor which interconnects a plurality of parties to common processing facilities and via a pool of shared modems to the Internet and, optionally, other data communication facilities, such as a private intranet. The data communication network illustrated in FIG. 1 is simplified for the purpose of this description and comprises a data communication medium, such as the Internet, which interconnects a first party, herein termed "server S1", with third-party authentication certificate granting authority CA1. In addition, a gateway system G functions to interconnect the Internet with a plurality of local processors C1-Cn via a local area network LAN, with the local processors including a second party, herein termed "client C1", which itself can serve a plurality of subscribers. The server S1 can implement a plurality of services, each of which is capable of being operationally independent of the other services extant on server S1. Alternatively, the services extant on server S1 can be a collection of interrelated services. In any case, the server S1 provides one or more services to the clients C1 who interconnect with server S1.

The difficulty with a client C1 using the Internet to interconnect with server S1 and exchanging data therebetween, and possibly engaging in financial transactions, is that there is no way of verifying the identity of the server S1 to whom the client C1 is connected. To obviate this problem, there are presently authentication certificate granting authorities CA1 who function to validate the identity of servers S1 who are connected to the Internet. The use of an authentication certificate granting authority CA1 in Internet client-server applications relates to the authentication of the identity of the parties who are participating in a data exchange via the Internet. In particular, the authentication certificate granting authority CA1 represents an independent third-party entity connected to the Internet and which functions to issue authentication certificates to servers S1 and, in some cases, clients C1. The authentication certificates include the use of a private-public RSA encryption key pair and requestor (either client or server) distinguishing information to ensure the accurate identification of the requester.

Authentication Certificates

The authentication certificate request and granted authentication certificate are both maintained in ASCII form. The request is architected in a predefined format and includes the requestor's name, telephone number and E-Mail address. In addition, the requestor's company name, organizational unit, locality, state or province in which the company is located, and common name or acronym for the company is included in the request. The form of the request requires the exact population of the fields with this data in ASCII form to result in a completed request, an example of which is:

(base64-encoded example request omitted)

The most minor of errors in the data input results in an authentication certificate request that is rejected by the certificate granting authority. The certificate granting authority generates a signed authentication certificate, which is also of form, format and content similar to that of the authentication certificate request, and must be processed in a manner to comply with the defined format.

Authentication Certificate Management System

FIG. 2 illustrates the architecture of the authentication certificate management system K of the present invention which is installed on the server S1 to accomplish the automatic generation of authentication certificate requests and the management of the signed authentication certificates received from the authentication certificate granting authority CA1. FIGS. 4 and 5 illustrate, in block diagram form, the flow of information among the various elements which comprise the authentication certificate management system K for the authentication certificate request generation process and for the process which installs the signed authentication certificate on the target applications of the server S1, respectively.

The authentication certificate management system K comprises a plurality of elements which are cooperatively operative to maintain and organize cryptographic keys which are used to secure Internet communications. The authentication certificate management system K includes applications for organizing the cryptographic keys and also provides cryptographic key maintenance facilities KM, such as listing and updating cryptographic keys and cracking data back from the cryptographic keys. The authentication certificate management system K is implemented in the form of a user interface application UI which includes a graphical user interface FC which drives the display D and receives data from the user ... devices, as is well known. The authentication certificate management system K also includes a DLL creation tool DCT which enables the user to ... DLLs ... provide the desired authentication certificate feature. The user typically creates a ... of DLLs ... the DLL creation tool DCT, each ... to the protocol ... for a particular service ... resident on server S1. The various services that provide channel communications keep ... the cryptographic keys ... stored ... S1 in different ways. The various DLLs are therefore responsible for storing the cryptographic keys for these services in such a way that the associated service can use the cryptographic key. In addition, the DLLs notify the services of changes, retrieve the cryptographic keys for the authentication certificate management system K and provide any service specific functionality that is required. The authentication certificate management system K is a Microsoft File Creation application and the DLLs created by the authentication certificate management system K are Microsoft File Creation DLLs. When looking at the user interface UI, what is of concern is the contents of the left Tree pane of the directory tree when the user interface UI displays the directory and file structure of the server S1. This directory tree represents a system of networked machines, each containing the target services AP1-APm that are supported by the authentication certificate management system K. These target services AP1-APm each have cryptographic keys associated with and stored within them as part of the authentication certificate management process. The authentication certificate management system K maintains the file objects that represent the networked machines on which the target services AP1-APm reside. The header file "KeyObjs.h", located in the authentication certificate management system K, describes the file objects that are relevant to the external DLLs. The user generated DLLs must override both the target service class and the cryptographic key class. To accomplish this, each DLL maintains one service level object and the cryptographic keys that it contains. The user can retrieve the properties of either the target services AP1-APm or the cryptographic keys, and the DLL created by the user for the target service AP1-APm has an opportunity to provide specific configuration functionality at these times.

Class Structure

The interface for the authentication certificate management system K extensions consists of an application which defines a plurality of classes that the user must override to provide the specific functionality. The base class for all objects that can be in the tree view is the CTreeItem class. The objects included in this group are machines, target services, cryptographic keys and cryptographic key folders. In this structure, each tree item object can contain other tree item objects. Thus, the user can add services to machines and cryptographic keys to services.

The CTreeItem class is defined in the authentication certificate management system K, and its purpose is to provide a base set of functionality for managing the object items in the tree. For example: given any CTreeItem derived object (that has been added to the tree), tree children can be added to this object, these tree children can be searched, the parent object of this object can be retrieved, the name and icon of this object can be set, and the like. All these routines are described in the CTreeItem section of the header file.

All the sub-classes of the CTreeItem class have the option of allowing customizable properties through the OnUpdateProperties and OnProperties methods. If the user overrides these methods and treats them like a normal Microsoft File Creation command handler, the Properties item in the context menu is available and the user has the ability to process the Properties item as is well known.

Service Objects

The first thing the DLL generated by the user in the DLL creation tool DCT must do is create a service object and attach it to a machine. This service object is represented as the mid-level item in the directory tree. The service object must be a sub-class of the provided CService class, which is defined in the KeyObjs.h file. The main purpose of the service object is to provide the basic interface to the specific service on the target machine. The target machine can be a WWW server, pop3, nmtp and the like. When the authentication certificate management system K first attempts to establish contact with the target machine, it creates a CMachine object which targets that machine and asks all the extension DLLs to attach service objects to it. The authentication certificate management system K accomplishes this by calling the exported LoadService routine in the DLL and passing it the machine. This is the only explicitly exported routine that must be supported. The remainder of the process is achieved by the use of virtual tables.

If the selected service can be targeted to the designated machine, the user creates a CService object and adds this to the target machine by using the FAddToTree operation. At this time, the custom icons and the like can be installed on the target machine. The authentication certificate management system K must also override the PNewKey method in the user's service class. The cryptographic key class is also overridden. After adding the selected service object to the designated target machine, and returning from the LoadService routine, the user's service LoadKeys method is called. The parental CMachine is passed to this method if not previously loaded. The LoadKeys method enables the user to define the methodology used to access the designated service. This is accomplished by creating the necessary cryptographic keys and using the CKey process created objects by attaching them to the service object.

Once the user changes the cryptographic keys, the FCommitChangesNow method is called to write all of the cryptographic keys out to the designated service on the target machine. When the authentication certificate management system K disconnects from a target machine, it calls the CloseConnection method of all of the services attached to that machine object.

Cryptographic Key and CMachine Objects

The cryptographic key objects are the primary place that the sensitive cryptographic key information is stored. As the service object loads the stored cryptographic keys, the service object creates a plurality of cryptographic key objects and attaches these cryptographic key objects to the service object. The cryptographic key object is used to provide access to the public cryptographic key information and to maintain the cryptographic key's data. The cryptographic key object contains four pieces of information that must be securely stored and retrieved for each cryptographic key. This information comprises: private cryptographic key, public cryptographic key, certificate request data, and password. The authentication certificate management system K provides the user with the capability to copy/cut/paste cryptographic keys within and between services.

CMachine objects are created, held and maintained exclusively within the authentication certificate management system K. They are the parents of the service objects and are available for the user to obtain information regarding the target machine.

CKeyCrackedData Objects

CKeyCrackedData is a utility object provided to give easy access to the contents of a cryptographic key's public certificate. The user creates an instance of CKeyCrackedData and calls CrackKey to pass the cryptographic key of interest.

System Operation

In operation, as shown in flow diagram form in FIG. 3 and in block diagram form in FIGS. 4 and 5, the requester, a user at server S1 in this example, initiates the authentication certificate request generation process at step 301 by selecting the certificate generation process for activation and inputting a predetermined set of requestor distinguishing information and a password 401 to the user interface UI. The user interface UI verifies the format of the requestor distinguishing information and forwards this received information to the security provider SP application resident on server S1. At step 302, the security provider application SP of the server S1 generates the private-public RSA encryption cryptographic key pair 404, and the authentication certificate request 405 which includes the user distinguishing information and the public cryptographic key. Both the private-public RSA encryption cryptographic key pair 404, and the
authentication certificate request 405 are stored in the memory SM of the server S1 for future reference. At step 303, the server S1 transmits the authentication certificate request 405 to the authentication certificate granting authority CA1 in the form of a request for an authentication certificate. The authentication certificate granting authority CA1 receives the transmitted data at step 304, reviews the received data, and verifies the identity of the requestor. If the received data matches the requester validating information that is available to the authentication certificate granting authority CA1, the authentication certificate authority CA1 generates the signed authentication certificate. At step 305, the authentication certificate granting authority CA1 transmits the issued authentication certificate 502 back to the requesting party, server S1, in encrypted form for installation on the requestor's processor.

This process is accomplished by the server S1 as shown in steps 306-307 of FIG. 3 and in block diagram form in FIG. 5. At step 306, the signed authentication certificate 502, received from the authentication certificate granting authority CA1, is available for installation on one or more application processes AP1-APm on one or more target machines, such as server S1. This is accomplished by the user accessing the user interface UI and activating the install certificate option. The user is prompted by the user interface UI for the location of the signed authentication certificate 502 as well as the password for unlocking the cryptographic key pair. The user interface UI uses this information to activate the validate certificate process which interfaces with the security provider application SP. The validation occurs in the security provider application SP which matches the signed authentication certificate 502 with the private-public RSA encryption cryptographic key pair 506 and the validated authentication certificate request 405. At step 307, the server S1 stores the signed authentication certificate in memory for future access by clients by calling the service specific extension 507 which receives the cryptographic key pair 506 and the signed authentication certificate 502, and loads the signed authentication certificate on the target system S1. This is accomplished by the authentication certificate management system K querying the service specific extension 507 for the identity of the server S1 that it has previously connected to for an enumeration of the signed certificates that the service specific extension 507 maintains on the specified server S1. The authentication certificate management system K checks the expiration date of the signed authentication certificate 502 and, if the date is within a predetermined time range or has expired, the authentication certificate management system K displays a graphical warning to the user about pending or actual expiration of the signed authentication certificate 502. The signed authentication certificate 502 can be moved and/or copied by use of the graphical interface on the user interface UI via the cut, copy and paste operations active thereon. Any client C1 who contacts the requester, server S1, can access the signed authentication certificate 502 via the public RSA encryption cryptographic key and receive an assurance that the party to whom they have connected is indeed the desired party, not a bogus imitator. Likewise, the client can have an authentication certificate capability so that the server S1 can verify the identity of the client for credit/subscription verification.

Typical Implementation Of A C++ User Interface

The following represents a C++ implementation of a typical DLL creation tool DCT in the user interface UI. This ... creation ...

// protect this file from multiple inclusion
#ifndef _KEYRINGOBJECTS_
#define _KEYRINGOBJECTS_
/* STARTING
When creating your dll using this api, you will be mostly concerned with the CService and CKey object classes. You are expected to override both of these and provide functionality for storing/retrieving the cryptographic keys and maintaining any service specific properties. Your dll needs only one exported routine, "LoadService", defined below. This routine creates your overridden service object, populates it with retrieved cryptographic keys, and connects it to its host machine. The Machine object is passed in to this routine and the service is returned. If the host machine does not have your service on it, simply return from LoadService without attaching a service object to it.
PROPERTIES
You can enable the properties item in the context menu for either your cryptographic keys or your service by overriding the classes' OnUpdateProperties and OnProperties routines. These are very similar to MFC command handlers. In fact, they are just passed in from a command handler. You can do whatever you feel like in the OnProperties routine, although some sort of dialog is probably appropriate.
INFO STRING
Services and Cryptographic Keys also have the option of displaying a one-line information string in the right-hand pane of the cryptographic keyring application. To do this, override the GetInfoString method and return something.
Cryptographic key NAMES
All cryptographic keys have names and you are expected to store/retrieve them. The name is automatically editable in the right-hand pane of the main app. The name, however, can be different from the caption in the tree view. To do this, override the UpdateCaption routine and use it to call FSetCaption with a modified string name. An example can be seen in the W3 server, which displays the name of the cryptographic key followed by the ip address it is attached to in brackets. MyKey<100.200.150.250>
CUSTOM ICONS IN TREEVIEW
You can add your own custom icons to the tree view in addition to the standard machine, cryptographic key, unfinished cryptographic key icons. To do this, get the CTreeCtrl object by calling PGetTreeCtrl. Then use that to get the CImageList. From there, you can add your own icons (making sure to note down the starting index). See CTreeCtrl and CImageList docs for details.
*/

// basic icon numbers
enum
{
    TREE_ICON_MACHINE,
    TREE_ICON_KEY_OK,
    TREE_ICON_KEY_IMMATURE,
    TREE_ICON_KEY_EXPIRED
};

// declare the correct dllexport definitions
#ifdef _EXE_
// we are exporting the classes - this is the main application
#define DLL_SHARE __declspec( dllexport )
#else
// we are importing the classes - this is your dll
#define DLL_SHARE __declspec( dllimport )
#endif // _EXE_

//==================== Forward class declarations
class DLL_SHARE CMachine;

//==================== Template for the exported routine
extern BOOL __cdecl LoadService( CMachine* pMachine );

//------------------------------------------------------------
// CTreeItem
// This is the base class for all objects that can be in the tree view.
// This includes machines, services, cryptographic keys and cryptographic key
// folders. Note that each tree item object can contain other tree item
// objects. This interface allows you to access the item's handle in the tree.
class DLL_SHARE CTreeItem : public CObject
{
public:
    // constructors
    CTreeItem( );
    // get the parent object
    CTreeItem* PGetParent( void );
    // remove this item from the tree
    BOOL FRemoveFromTree( );
    // access the name of the item
    // Must be added to parent first!
    virtual void UpdateCaption( void ) {;}
    BOOL FSetCaption( CString & szName );
    // an informational string that is displayed in the right-hand
    // pane of the main application. Override to actually show something
    virtual void GetInfoString( CString & szInfo )
        { szInfo.Empty( ); }
    // access the image shown in the tree view
    // Must be added to parent first!
    WORD IGetImage( void ) { return m_iImage; }
    BOOL FSetImage( WORD i );
    // get the grandparental ctreectrl object
    CTreeCtrl* PGetTreeCtrl( void );
    // add the item to the tree
    BOOL FAddToTree( CTreeItem* pParent );
    // how many children does this item have?
    WORD GetChildCount( );
    // get the HTREEITEM handle
    HTREEITEM HGetTreeItem( ) { return m_hTreeItem; }
    // do you want the properties item in the context menu?
    // the default is NO - Override these in your subclasses
    // to provide specific properties dialogs
    virtual void OnUpdateProperties( CCmdUI* pCmdUI )
        { pCmdUI->Enable( FALSE ); }
    // your properties item has been selected
    virtual void OnProperties( ) { ASSERT( FALSE ); }
    // helpful utilities for scanning the
    // children contained by an object
    CTreeItem* GetFirstChild( );
    CTreeItem* GetNextChild( CTreeItem* pKid );
    // access to the dirty flag
    // setting dirty affects parents too (in the default method)
    virtual void SetDirty( BOOL fDirty );
    virtual BOOL FGetDirty( )
        { return m_fDirty; }

protected:
    // DO declare all this stuff DYNCREATE
    DECLARE_DYNCREATE( CTreeItem );
    // the name of the item. In the case of cryptographic keys, you should
    // store this name and retrieve it later
    CString m_szItemName;
    // index of the item's image in the image list
    // Note: if you wish to have a special icon different from
    // the standard icons enumerated above, (e.g. for a service)
    // you get the tree control, then use that to get its CImageList
    // object. Then you call the Add member of the image list.
    // That call does return the index of your first added image.
    WORD m_iImage;
    // the dirty flag
    BOOL m_fDirty;
private:
    // the item's reference handle in the tree
    // access it using the api above
    HTREEITEM m_hTreeItem;
};

//------------------------------------------------------------
// CKey
// This class is what it's all about. This is a cryptographic key. You should
// override this class. You are expected to provide storage and retrieval of
// this cryptographic key. You are also expected to provide any properties
// dialogs and such.
// basic SSL functionality has already been built in.
class DLL_SHARE CKey : public CTreeItem
{
public:
    CKey( );
    ~CKey( );
    // override the update caption so the name is automatically shown
    virtual void UpdateCaption( void )
    {
        FSetCaption( m_szItemName );

UpdateIcon( ); 

} 

// update the currently shown icon 
virtual void UpdateIcon( void ); 

// the private cryptographic key- keep this safe! // must store I 

DWORD m__cbPrivateKcy; 

PVOID m__pPrivate Key; 

// the certificate // must store! 

DWORD m-cb Certificate; 

PVOID m_p Certificate; 

// the certificate request//must store! 

DWORD rrL_cbCertiflcateRequest; 

PVOID m__pCertificateRequest; 

// the password. Be careful where you 

// store this. 

CString m_szPassword; 

// make a copy of the cryptographic key 

virtual CKey* PClone(void); 
// checks that the cryptographic key, certificate and password all match 

BOOL FVerifyVklidPassword( CString szPassword ); 
// routine for installing the certificate 

virtual BOOL FInstallCertificatc( CString szPath, CString szPass ); 
virtual BOOL Flnstal ICertificate (PVOID pCert, DWORD cbCert, CString &szP ass 

}; 

// write out the request file 

virtual BOOL FOutputRequestFile( Cstring szFile, BOOL fMime - FALSE, 
PVOID privdata - NULL ); 

// copy the members from a cryptographic key into this key 

virtual void CopyDataFrom( CCryptographic key* pCrypto graphic key ); 

// called by the right-hand dialog pane 

virtual void SetName( CString &szNewName ); 

virtual CString GetName( ) 

{ return m szItemName; } 

// import/export routines 

virtual BOOL FIinportKeySetFiles( CString szPrivate, CString szPublic, 
CString &szPass 

BOOLFImportExportBackupFile( CString szFile, BOOL flmport): 
protected: 

// DO declare all this stuff DYNCREATE 

DECLARE_DYNTCREATE(CKey); 

private: 

void OutpntHeader(CFile* pFile, PVOID privDatal, PVOID privData2); 

^ }; 

// CScrvicc 

// This class MUST be overridden in your dll! It is your main to the app. 
// It resides on a machine and contains cryptographic keys 
class DLL_SHARE CService: public CTr eel tern 
{ 

public: 

// create a new cryptographic key. You can override to 

//create a cryptographic key of your own class type 

virtual CKey* PNcwCryptographic key( ) {return new CKey;} 

load the existing cryptographic keys 

virtual void LoadKeys( CMachine* pMachine ) {;} 

/ the order in which things happen is that you are responsible 
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// for creating this service object and populating it with cryptographic key 

/ objects that you retrieve from whatever storage medium you want 

Then, if that is successful, you attach this service 

// to the machine that is passed in to you through the LoadService 

// routine. - NOTE that routine is a direct export of your DLL; 

// see the definition of that routine above. 

// CommitChanges is where you write out any and all changes in 

// the service's cryptographic key list to some storage facility. The storage 

// facility and the manner in which you access it is up to you. 

virtual BOOL FCommitChaDgesNow( ) (return FALSE;) 

// CloseConnection is called before disconnecting a machine from 

/ the tree, or when application is exiting. 

virtual void CloseConnection( ); 

protected: 

// DO declare all this stuff DYNCREATE 

DECLARE-DYNCREATE(CServicc); 

private: 

}; 



// CKeyCrackedData 

//This is a special purpose class. You give it a cryptographic key object (must have 
a 

//valid certificate attached to it) and it will crack the certificate, 
//you can then use the supplied methods to access the data in the certificate 
// This uses a two-step construction. First, declare the object, then 
// crack it using the CrackKey command, which returns an error code 
class DLL_SHARE CKeyCrackedData : public OObject 
{ 

public: 
// constructor 
CKeyCiackedData( ); 
-CKeyCrackedData ( ); 

// give it a cryptographic key to crack. If this object was previously used to 
/crack a cryptographic key, cleanup is automatically done and the new 

cryptographic key is 

//cracked - NOTE: The target cryptographic key MUST have either a 

certificate 

//or a certificate request Those are what get cracked. A return 
/value of 0 indicates success 
WORD CrackKey( CKey* pKey); 

// The rest of the methods access the data in the cracked certificate 

DWORD GetVersionf ); 

DWORD* PGetSerialNumber( ); 

// returns a pointer to a DWORD[4] 

int GctSignatureAlgorithm( ); 

FILETIME GetValidFrom( ); 

FILETIME GetValidUntil( ); 

PVOID PSafePubIicKey( ); 

DWORD GetBitLength( ) ; 

void Getlssuer( Cstring &sz ); 

void GetSubject( CString &sz ); 

void GetDNCountry( CString &sz ); 

void GetDNState( CString &sz ); 

void GetDNLocality( CString &sz ); 

void GetDNNctAddress( CString &sz ); 

void GelDNOrganization( CString &sz ); 

void GetDNUoit(CString & sz); 

protected: 

private: 

void GetDN(CString feszDN, LPCSTR szKey); 

CKey" m-pKey; 
PVOID m_pData; 

}; 

// CMacnine 

// This class is almost always used just by the application. It is the 
// machine that the services and cryptographic keys reside on. It is very simple and 
//I is to be used just to attach the services to something. Otherwise it 
// maintains where the machine is. 
class DLL_SHARE CMacnine: public CTreeltem 
{ 

public: 

//the machine objects are always created and maintained by the 

//application. This interface is provided just so that you can 

// attach and detach services to it. 

//query this method to see if this is the local machine or 

//a remote machine oh the net. 

virtual BOOL FLocal( ); 

// NOTE: when you add the service to the machine it is also added 
// to the tree view. The machine is always added to the tree view 
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//before you arc asked to load your service. Immediately after 

//adding your service to the machine, don't foiget to set the 

//service's caption string. 

virtual void GetMachineName(CString& sz); 

protected: 

//DO declare all this stuff DYNCREATE 
DECLARE_D YNCREATE(CMachine) ; 

// The name of the machine. - This MAY be different from the caption 
// in the tree view. This is the name you use to link to the machine 
// over the net. In the case of the local machine, this string will 
// be empty. Use SZGetMachineName( ) above to access it. 

CString m szNetMachineName; 

private: 
} 

// end inclusion protection 
#endif //_KEYRIN T GOBJECTS_ 



We claim:

1. An authentication certificate management apparatus comprising:
means, responsive to a user initiating a request for issuance of an authentication certificate, for automatically generating an authentication certificate request, which has a predetermined format and content including a plurality of fields of data, wherein the means for automatically generating an authentication certificate request includes:
means for prompting said user to input at least one set of data for entry into at least one of said plurality of fields of data,
means for verifying form and format of said user input data,
means for automatically generating at least one set of data,
means for processing said automatically generated at least one set of data and said user input data into said predetermined authentication certificate request format and content; and
means for transmitting said generated authentication certificate request to an authentication certificate granting authority.

2. The apparatus of claim 1 wherein said means for automatically generating at least one set of data comprises:
means for automatically generating a private-public encryption cryptographic key pair.

3. The apparatus of claim 2 wherein said means for processing comprises:
means for incorporating a public encryption cryptographic key of said private-public encryption cryptographic key pair into said authentication certificate request; and
means for storing said generated private-public encryption cryptographic key pair in said server.

4. The apparatus of claim 3 wherein said means for processing further comprises:
means for storing said generated authentication certificate request in said server.

5. The apparatus of claim 4 further comprising:
means, responsive to receipt of a signed authentication certificate from an authentication certificate granting authority, for installing said signed authentication certificate on a server for at least one target machine.

6. The apparatus of claim 5 wherein said means for installing comprises:
means, responsive to a user inputting a password, for unlocking said private-public encryption cryptographic key pair;
means for matching said signed authentication certificate with said private-public encryption cryptographic key pair and said stored authentication certificate request to validate said signed authentication certificate; and
means, responsive to a validated signed authentication certificate, for storing said validated signed authentication certificate in said server for said at least one target machine.

7. The apparatus of claim 6 further comprising:
means, responsive to receipt of a request from a user located external to said server for a signed authentication certificate from said target machine, for utilizing a public encryption cryptographic key received from said user to access said stored private-public encryption cryptographic key pair stored in said server to validate said request; and
means, responsive to validation of said user provided public encryption cryptographic keys, for transmitting said stored signed authentication certificate to said user.

8. The apparatus of claim 7 further comprising:
means, responsive to receipt of a request from a user for a signed authentication certificate, for checking the expiration date of the signed authentication certificate stored in said server to ascertain its validity; and
means, responsive to said means for checking, for generating an alert about pending or actual expiration of the signed authentication certificate where said expiration date is within a predetermined time range of expiration or has expired.

9. A method of providing network services to at least one application process on at least one target machine, the method comprising:
automatically generating, in response to a user initiating a request for issuance of an authentication certificate, an authentication certificate request, which has a predetermined format and content including a plurality of fields of data, wherein the step of automatically generating an authentication certificate request includes:
prompting said user to input at least one set of data for entry into at least one of said plurality of fields of data,
verifying form and format of said user input data,
automatically generating at least one set of data,
processing said automatically generated at least one set of data and said user input data into said predetermined authentication certificate request format and content; and
transmitting said generated authentication certificate request to an authentication certificate granting authority.

10. The method of claim 9 wherein said step of automatically generating at least one set of data comprises:
automatically generating a private-public encryption cryptographic key pair.

11. The method of claim 10 wherein said step of processing comprises:
incorporating a public encryption cryptographic key of said private-public encryption cryptographic key pair into said authentication certificate request; and
storing said generated private-public encryption cryptographic key pair in a server.

12. The method of claim 11 wherein said step of processing further comprises:
storing said generated authentication certificate request in said server.

13. The method of claim 12 further comprising the step of:
installing, in response to receipt of a signed authentication certificate from an authentication certificate granting authority, said signed authentication certificate on said server for said at least one target machine.

14. The method of claim 13 wherein said step of installing comprises:
unlocking, in response to a user inputting a password, said private-public encryption cryptographic key pair;
matching said signed authentication certificate with said private-public encryption cryptographic key pair and said stored authentication certificate request to validate said signed authentication certificate; and
storing, in response to a validated signed authentication certificate, said validated signed authentication certificate in said server for said at least one target machine.

15. The method of claim 14 further comprising:
utilizing, in response to receipt of a request from a user located external to said server for a signed authentication certificate from said target machine, a public encryption cryptographic key received from said user to access said stored private-public encryption cryptographic key pair stored in said server to validate said request; and
transmitting, in response to validation of said user provided public encryption cryptographic key, said stored signed authentication certificate to said user.

16. The method of claim 15 further comprising:
checking, in response to receipt of a request from a user for a signed authentication certificate, the expiration date of the signed authentication certificate stored in said server to ascertain its validity; and
generating a warning about pending or actual expiration of the signed authentication certificate if said expiration date is within a predetermined time range of expiration or has expired.

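The request-generation, matching and expiration steps of claims 9 to 16, together with the CKey members the header above marks "must store", worked through as an added Go example that is not part of the patent or its key ring objects. It uses the standard crypto/x509 package; the field-format rules, the KeyRecord type and the function names are assumptions, and the granting authority stays outside the code (any CA-issued certificate for the request can be handed to InstallCertificate).

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"regexp"
	"time"
)

// Form-and-format rules for the user-typed fields (assumed for this example).
var countryRe, hostRe = regexp.MustCompile(`^[A-Z]{2}$`), regexp.MustCompile(`^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z]{2,}$`)

// VerifyRequestFields rejects malformed input before any request is built.
func VerifyRequestFields(n pkix.Name) error {
	if len(n.Country) != 1 || !countryRe.MatchString(n.Country[0]) {
		return errors.New("country must be one two-letter upper-case code")
	}
	if !hostRe.MatchString(n.CommonName) {
		return errors.New("common name must be a fully qualified host name")
	}
	return nil
}

// KeyRecord mirrors the CKey members the header marks "must store".
type KeyRecord struct {
	Priv       *rsa.PrivateKey
	RequestDER []byte // PKCS#10 request, kept for the matching step
	CertDER    []byte // filled in by InstallCertificate
}

// GenerateRequest verifies the user fields, generates the key pair and builds the request (claims 9 to 11).
func GenerateRequest(subject pkix.Name, bits int) (*KeyRecord, error) {
	if err := VerifyRequestFields(subject); err != nil {
		return nil, err
	}
	priv, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return nil, err
	}
	der, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{Subject: subject}, priv)
	if err != nil {
		return nil, err
	}
	return &KeyRecord{Priv: priv, RequestDER: der}, nil
}

// InstallCertificate (claim 14): store the certificate only if key and subject match the stored key pair and request.
func (k *KeyRecord) InstallCertificate(certDER []byte) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return err
	}
	csr, err := x509.ParseCertificateRequest(k.RequestDER)
	if err != nil {
		return err
	}
	pub, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok || !pub.Equal(&k.Priv.PublicKey) || !pub.Equal(csr.PublicKey) {
		return errors.New("certificate key does not match the stored key pair and request")
	}
	if cert.Subject.String() != csr.Subject.String() {
		return errors.New("certificate subject does not match the stored request")
	}
	k.CertDER = certDER
	return nil
}

// ExpirationAlert (claim 16): non-empty warning if the certificate has expired or expires within the window.
func (k *KeyRecord) ExpirationAlert(now time.Time, window time.Duration) (string, error) {
	cert, err := x509.ParseCertificate(k.CertDER)
	if err != nil {
		return "", err
	}
	switch until := cert.NotAfter; {
	case now.After(until):
		return "expired on " + until.UTC().Format(time.RFC3339), nil
	case now.Add(window).After(until):
		return "expires on " + until.UTC().Format(time.RFC3339), nil
	}
	return "", nil
}
```

A certificate issued for a different key, or for a different subject than the stored request, is refused and nothing is stored, which is the point of keeping the request alongside the key pair.
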
17. One or more computer-readable memories containing a computer program that is executable by a processor to perform the method recited in claim 9.

18. An authentication certificate management apparatus comprising:
means, responsive to a user initiating a request for issuance of an authentication certificate, for automatically generating an authentication certificate request, which has a predetermined format and content including a plurality of fields of data, wherein the means for automatically generating an authentication certificate request includes:
means for prompting said user to input at least one set of data for entry into at least one of said plurality of fields of data,
means for verifying form and format of said user input data,
means for automatically generating at least one set of data, wherein the at least one set of data includes a private-public encryption cryptographic key pair,
means for processing said automatically generated at least one set of data and said user input data into said predetermined authentication certificate request format and content;
means for transmitting said generated authentication certificate request to an authentication certificate granting authority;
means, responsive to receipt of a signed authentication certificate from said authentication certifying granting authority, for installing said signed authentication certificate on a server for at least one target machine, wherein the means for installing includes:
means, responsive to a user inputting a password, for unlocking said private-public encryption cryptographic key pair,
means for matching said signed authentication certificate with said private-public encryption cryptographic key pair and said stored authentication certificate request,
means, responsive to a validated signed authentication certificate, for storing said validated signed authentication certificate in said server for said at least one target machine.

19. The apparatus of claim 18 wherein said means for processing further comprises:
means for storing said generated private-public encryption cryptographic key pair in said server.

20. The apparatus of claim 18 wherein said means for processing further comprises:
means for storing said generated authentication certificate request in said server.

21. A method of providing network services to at least one application process on at least one target machine, the method comprising:
automatically generating, in response to a user initiating a request for issuance of an authentication certificate, an authentication certificate request, which has a predetermined format and content including a plurality of fields of data, wherein the step of automatically generating an authentication certificate request includes:
prompting said user to input at least one set of data for entry into at least one of said plurality of fields of data,
verifying form and format of said user input data,
automatically generating at least one set of data, wherein the at least one set of data includes a private-public encryption cryptographic key pair,
processing said automatically generated at least one set of data and said user input data into said predetermined authentication certificate request format and content;
transmitting said generated authentication certificate request to an authentication certificate granting authority;
installing, in response to receipt of a signed authentication certificate from said authentication certifying granting authority, said signed authentication certificate on a server for at least one target machine, wherein the step of installing includes:
unlocking, in response to a user inputting a password, said private-public encryption cryptographic key pair,
matching said signed authentication certificate with said private-public encryption cryptographic key pair and said stored authentication certificate request,
storing, in response to a validated signed authentication certificate, said validated signed authentication certificate in said server for said at least one target machine.

22. The method of claim 21 wherein said step of processing further comprises:
storing said generated private-public encryption cryptographic key pair in said server.

23. The method of claim 21 wherein said step of processing further comprises:
storing said generated authentication certificate request in said server.

24. One or more computer-readable memories containing a computer program that is executable by a processor to perform the method recited in claim 20.

25. A method of generating an authentication certificate request, the method comprising:
prompting a user to input at least one set of data for entry into at least one field of data in the authentication certificate request;
verifying form and format of said user input data;
generating at least one set of data for entry into at least one field of data in the authentication certificate request;
processing said automatically generated data and said user input data to create an authentication certificate request, wherein the authentication certificate request complies with a predetermined authentication certificate request format and content, and wherein the authentication certificate request is capable of being transmitted to an authentication certificate granting authority.

26. The method of claim 25 wherein the step of automatically generating at least one set of data comprises generating a private-public encryption cryptographic key pair.

27. The method of claim 26 wherein the step of processing comprises:
incorporating a public encryption cryptographic key of said private-public encryption cryptographic key pair into said authentication certificate request; and
storing said generated private-public encryption cryptographic key pair in a server.

28. The method of claim 27 further comprising:
installing a signed authentication certificate on said server for at least one target machine.

29. One or more computer-readable memories containing a computer program that is executable by a processor to perform the method recited in claim 25.

30. One or more computer-readable media having stored thereon a computer program comprising the following steps:
prompting a user to input at least one set of data for entry into at least one field of data in an authentication certificate request;
verifying form and format of said user input data;
automatically generating at least one set of data for entry into at least one field of data in the authentication certificate request;
processing said user input data and said automatically generated data to create an authentication certificate request, wherein the authentication certificate request complies with a predetermined authentication certificate request format and content, and wherein the authentication certificate request is capable of being transmitted to an authentication certificate granting authority.

31. One or more computer-readable media as recited in claim 30 wherein the step of automatically generating at least one set of data comprises generating a private-public encryption cryptographic key pair.

32. One or more computer-readable media as recited in claim 30 wherein the step of processing comprises incorporating a public encryption cryptographic key of said private-public encryption cryptographic key pair into said authentication certificate request.

33. An authentication certificate management apparatus comprising:
an interface module to prompt a user to input at least one set of data for entry into at least one of a plurality of data fields;
a verification module to verify form and format of said data input by the user;
a data generation module to automatically generate at least one set of data;
a processor to process the data input by the user and the automatically generated data into an authentication certificate request having a predetermined format and content; and
a transmitter to transmit the authentication certificate request to an authentication certificate granting authority.

34. The apparatus of claim 33 wherein the data generation module is further to generate a private-public encryption cryptographic key pair.

35. The apparatus of claim 33 wherein the processor is further to store the authentication certificate request.

36. The apparatus of claim 33 further including an installation module to install a signed authentication certificate on a server for at least one target machine in response to receiving a signed authentication certificate from an authentication certificate granting authority.

37. The apparatus of claim 36 further including a matching module to match the signed authentication certificate with a private-public encryption cryptographic key pair and a stored authentication certificate request to validate the signed authentication certificate.

38. The apparatus of claim 33 further including an expiration checking module to check the expiration date of a signed authentication certificate stored in a server, thereby determining the validity of the signed authentication certificate.

* * * * *